package com.gome.security.util.cert;

import java.io.*;
import java.security.*;
import java.security.cert.*;

public class CheckCertSion {
	public static void main(String args[]) throws Exception {
		String cacert = "d:/keydsa/gomerb.cer";
		String ifcert = "d:/keydsa/gomerb.cer";

		// 获取CA证书
		CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
		FileInputStream in = new FileInputStream(cacert);
		java.security.cert.Certificate ceof = certificateFactory.generateCertificate(in);
		in.close();

		// 获取待检验的证书
		FileInputStream in1 = new FileInputStream(ifcert);
		java.security.cert.Certificate ceof1 = certificateFactory.generateCertificate(in1);
		in1.close();

		// 获取CA的公钥
		PublicKey pbk = ceof1.getPublicKey();
		boolean pass = false;
		try {
			// 检验证书
			ceof1.verify(pbk);
			pass = true;
		}

		// 处理异常对象
		catch (Exception e) {
			pass = false;
			System.out.println(e);
		}
		if (pass) {
			System.out.println("The Certificate signed by che CA");
		} else {
			System.out.println("!!!not signed by che CA");
		}
	}
}